Scribd
Upload
13 views5 pages

4th Bullet Item

Uploaded by

nyame.containerlab
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
13 views5 pages

4th Bullet Item

Uploaded by

nyame.containerlab
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 5

4th bullet item:

To understand the problem that a BGP route server solves, we must understand the two different
peerings between SPs.

1. Private Peering:
The two SPs that need to connect decide on a location where their networks can connect
and negotiate a contract that details their peering.

2. Public Peering:
Also called NAP (Network Access Point), or IXP (Internet Exchange Point). They provide
a physical location that provides a Switched infrastructure, Cooling, Electricity, Rack
Space and etc. SPs take their border router and connect it to this Switched Infrastructure
and establish a single peering with the Route Server.

Let's configure R1, the Route Server:

On R1:

R1(config)#router bgp 100


R1(config-router)#nei 2.2.2.2 remote 200
R1(config-router)#nei 2.2.2.2 up lo0
R1(config-router)#nei 2.2.2.2 ebgp 2

R1(config-router)#nei 3.3.3.3 remote 300


R1(config-router)#nei 3.3.3.3 up lo0
R1(config-router)#nei 3.3.3.3 ebgp 2

R1(config-router)#nei 4.4.4.4 remote 400


R1(config-router)#nei 4.4.4.4 up lo0
R1(config-router)#nei 4.4.4.4 ebgp 2

On R2:
R2(config)#router bgp 200
R2(config-router)#nei 1.1.1.1 remote 100
R2(config-router)#nei 1.1.1.1 up lo0
R2(config-router)#nei 1.1.1.1 ebgp 2

On R3:

R3(config)#router bgp 300


R3(config-router)#nei 1.1.1.1 remote 100
R3(config-router)#nei 1.1.1.1 up lo0
R3(config-router)#nei 1.1.1.1 ebgp 2

On R4:

R4(config)#router bgp 400


R4(config-router)#nei 1.1.1.1 remote 100
R4(config-router)#nei 1.1.1.1 up lo0
R4(config-router)#nei 1.1.1.1 ebgp 2

To verify the peering:

On R1:
R1#sh ip bgp summ | b Nei

Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd


2.2.2.2 4 200 39 39 1 0 0 00:32:32 0
3.3.3.3 4 300 38 38 1 0 0 00:32:30 0
4.4.4.4 4 400 38 38 1 0 0 00:32:35 0

Let's configure the route server and configure R2, R3 and R4 as a route Server Client:

R1(config)#router bgp 100


R1(config-router)#address-family ipv4 unicast
R1(config-router-af)#neigh 2.2.2.2 route-server-client
R1(config-router-af)#neigh 3.3.3.3 route-server-client
R1(config-router-af)#neigh 4.4.4.4 route-server-client

Notice, it is identical to RRs.

R1#sh ip bgp summ | b Nei


Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
2.2.2.2 4 200 39 39 1 0 0 00:32:32 0
3.3.3.3 4 300 38 38 1 0 0 00:32:30 0
4.4.4.4 4 400 38 38 1 0 0 00:32:35 0

Now, let's advertise Lo1 interface of R2 with an IP address of 21.2.2.2/8:

On R2:

R2(config)#router bgp 200


R2(config-router)#netw 21.0.0.0

Notice, the second R2 advertises its Lo1 interface we get a console message stating that a
"Malformed attribute received from 1.1.1.1. By default, BGP speaking routers are configured to
deny and discard an update received from an eBGP peer that does not list its ASN at the
beginning of the AS_PATH in the incoming update.

Basically, this is a Security feature in BGP, R2 advertised its Lo1 to R1 and prepended its ASN.

R1 received the path and advertised it to R3, and R4. But since the route server is transparent, it
didn't include its ASN, and since R2, R3, and R4 have a peering with R1 and no one else, they
didn't see R1's ASN in the AS-Path list.

This security feature can be disabled:

On R2:
R2(config)#router bgp 200
R2(config-router)#no bgp enforce-first-as

R2#clea ip bgp * soft

On R3:
R3(config)#router bgp 300
R3(config-router)#no bgp enforce-first-as

R3#cle ip bgp * soft

On R4:
R4(config)#router bgp 400
R4(config-router)#no bgp enforce-first-as

R4#cle ip bgp * soft


To Verify the configuration:

On R3:
R3#sh ip bgp | b Net

Network Next Hop Metric LocPrf Weight Path


*> 21.0.0.0 2.2.2.2 0 0 200 i

On R4:
R4#sh ip bgp | b Net

Network Next Hop Metric LocPrf Weight Path


*> 21.0.0.0 2.2.2.2 0 0 200 i

Let's advertise the Lo1 interfaces of R3 and R4:

On R3:
R3(config)#router bgp 300
R3(config-router)#netw 31.0.0.0

On R4:
R4(config)#router bgp 400
R4(config-router)#netw 41.0.0.0

To verify:

On R1:
R1#sh ip bgp | b Net

Network Next Hop Metric LocPrf Weight Path


*> 21.0.0.0 2.2.2.2 0 0 200 i
*> 31.0.0.0 3.3.3.3 0 0 300 i
*> 41.0.0.0 4.4.4.4 0 0 400 i
On R2:
R2#sh ip bgp | b Net

Network Next Hop Metric LocPrf Weight Path


*> 21.0.0.0 0.0.0.0 0 32768 i
*> 31.0.0.0 3.3.3.3 0 0 300 i
*> 41.0.0.0 4.4.4.4 0 0 400 i

On R3:
R3#sh ip bgp | b Net

Network Next Hop Metric LocPrf Weight Path


*> 21.0.0.0 2.2.2.2 0 0 200 i
*> 31.0.0.0 0.0.0.0 0 32768 i
*> 41.0.0.0 4.4.4.4 0 0 400 i

On R4:
R4#sh ip bgp | b Net

Network Next Hop Metric LocPrf Weight Path


*> 21.0.0.0 2.2.2.2 0 0 200 i
*> 31.0.0.0 3.3.3.3 0 0 300 i
*> 41.0.0.0 0.0.0.0 0 32768 i

R4#trace 21.2.2.2 sou lo1

Type escape sequence to abort.


Tracing the route to 21.2.2.2
VRF info: (vrf in name/id, vrf out name/id)
1 10.1.1.2 2 msec * 1 msec

R4#trace 31.3.3.3 sou lo1

Type escape sequence to abort.


Tracing the route to 31.3.3.3
VRF info: (vrf in name/id, vrf out name/id)
1 10.1.1.3 2 msec * 1 msec

You might also like